ovpn_copy_server_files: Ensure that no other keys than the one for the server are present.

When creating a multi-server setup, I used a partly copied, partly
symlinked directory structure for the different servers after creating a
certificate for each server with `easyrsa build-server-full`. In that
process I also copied the `server` directory.
The rsync command does not delete files which are not excluded, so it
included the correct server key and the original one, which can be a
security risk.
Robin Schneider 2015-08-26 13:00:17 +02:00
parent 15ac3c89b0
commit 050d4a1f82
No known key found for this signature in database
GPG Key ID: 489A4D5EC353C98A

@ -17,6 +17,9 @@ else
TARGET="$OPENVPN/server" TARGET="$OPENVPN/server"
fi fi
## Ensure that no other keys then the one for the server is present.
rm --recursive --force "$TARGET/pki/private" "$TARGET/pki/issued"
echo " echo "
pki/private/${OVPN_CN}.key pki/private/${OVPN_CN}.key
pki/issued/${OVPN_CN}.crt pki/issued/${OVPN_CN}.crt
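
Review bot: The added `rm --recursive --force "$TARGET/pki/private" "$TARGET/pki/issued"` runs unconditionally and without a guard on `$TARGET`, so an empty value would make it delete `/pki/private` and `/pki/issued`; writing the paths as `"${TARGET:?}/pki/private"` and `"${TARGET:?}/pki/issued"` would abort the script instead. The delete also happens before the copy that follows, so if that copy fails the target is left with no server key or certificate at all; checking the copy's exit status, or letting the rsync mentioned in the commit message remove the stale files itself, would avoid that window. The new comment should read "than", not "then".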